CVE-2005-1686

Published: May 25, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user, it has been reported that web browsers and email clients could be configured to provide a file name as an argument to gedit, so there is a valid attack that crosses security boundaries.

Vendor: n/a
Product: n/a
Versions: n/a (affected)

References

RHSA-2005:499 (vendor-advisory, x_refsource_REDHAT)
DSA-753 (vendor-advisory, x_refsource_DEBIAN)
USN-138-1 (vendor-advisory, x_refsource_UBUNTU)
oval:org.mitre.oval:def:9845 (vdb-entry, signature, x_refsource_OVAL)
oval:org.mitre.oval:def:1245 (vdb-entry, signature, x_refsource_OVAL)
GLSA-200506-09 (vendor-advisory, x_refsource_GENTOO)
SUSE-SA:2005:036 (vendor-advisory, x_refsource_SUSE)
